frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2025-03-01 10:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix php notices w/ proper var checks

Browse Source
This commit is contained in:
billz
2023-09-06 09:54:20 +02:00
parent 55c0a49911
commit c64bdb42c8
1 changed files with 20 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
includes/functions.php
View File

@@ -318,23 +318,23 @@ function CSRFMetaTag()
*/
function CSRFValidate()
{
$post_token = $_POST['csrf_token'];
$header_token = $_SERVER['HTTP_X_CSRF_TOKEN'];
if(isset($_POST['csrf_token'])) {
$post_token = $_POST['csrf_token'];
$header_token = $_SERVER['HTTP_X_CSRF_TOKEN'];
if (empty($post_token) && empty($header_token)) {
return false;
}
$request_token = $post_token;
if (empty($post_token)) {
$request_token = $header_token;
}
if (hash_equals($_SESSION['csrf_token'], $request_token)) {
return true;
} else {
error_log('CSRF violation');
return false;
if (empty($post_token) && empty($header_token)) {
return false;
}
$request_token = $post_token;
if (empty($post_token)) {
$request_token = $header_token;
}
if (hash_equals($_SESSION['csrf_token'], $request_token)) {
return true;
} else {
error_log('CSRF violation');
return false;
}
}
}
@@ -685,8 +685,10 @@ function getColorOpt()
}
function getSidebarState()
{
if ($_COOKIE['sidebarToggled'] == 'true' ) {
return"toggled";
if(isset($_COOKIE['sidebarToggled'])) {
if ($_COOKIE['sidebarToggled'] == 'true' ) {
return "toggled";
}
}
}